MUST HAVE™ Documents 

Privacy Policy
Effective Date: July 10, 2023

Introduction to Must Have LLC's Privacy Policy
Must Have LLC has created this privacy statement in order to demonstrate our firm commitment to privacy

Must Have LLC has been the leader in helping people improve the quality of their lives and we strive to deliver you the best possible experience through multiple channels. Protecting the privacy and security of your personal information is a priority at Must Have LLC, and we believe that a single, comprehensive privacy policy that is straightforward and clear is in the best interests of our customers and our businesses.

About this Policy
This Privacy Policy describes how Must Have LLC collects, uses, and shares personal information of users that interact with Must Have LLC, which consists of websites owned, operated and managed by Must Have LLC., including each website that links to this Privacy Policy. We will also outline the controls and choices you have around when and how you choose to share your personal data.

Changes to this Privacy Policy
Must Have LLC has been changing lives for decades and that means periodically, we will update this Privacy Policy. We reserve the right to change the provisions of this Policy at any time. We encourage you to review this site periodically and we will alert you when changes have been made by updating the Effective Date of the Policy. Your use of the websites constitutes consent to any changes in the Policy as in effect on the date of such use.

Data Collected
When you interact with our site, we collect two types of information: Personally Identifiable Information (PII) and Non-Personally Identifiable Information (NPII). The processing of personal data is governed by the General Data Protection Regulation 2016/679 (the “GDPR”). Under the EU’s General Data Protection Regulation (GDPR) personal data is defined as:

“Any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.”

Must Have LLC complies with its obligations under GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorized access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

Our online e-newsletter(s) asks users to give us contact information including name, e-mail address, and other optional communication preferences such as topics of interest, products of interest, birth date and gender.

When creating a free user account, we ask users to create a username, password and to choose their time zone preferences.

To fulfill order requests, we collect contact information including name, billing address, shipping address, financial payment information, and names of live event attendees. We do not store your credit card data on any of our servers and are fully PCI compliant.

If you apply for a job with Must Have LLC, we may ask you to provide more detailed and sensitive personal information required for compliance with our hiring and equal opportunity policies and practices.

Our website includes customer testimonials and product reviews where you may post information, or we may post information with your consent.

Through the contact us form and customer care channels (such as live chat), we may ask users to share information about their devices, platforms, internet connection, device settings, plug-ins, and other items for troubleshooting incoming inquiries.

We also collect some information automatically when you visit our website(s) or log into one of our platform(s). This includes IP address and other online identifiers. We also record the pages that you visit, products you interacted with and other information about your activity on the site(s).

Non-Personally Identifiable Information (“NPII”) data is collected by Must Have LLC and ad technology partners and is used for retargeting. We, and/or one or more of our ad technology partners, may collect NPII from people who visit our website(s). This data is anonymous, and can include information such as web pages you’ve viewed, date and time of pageviews, domain type, location information associated with your IP address, and your interactions to an ad delivered by us or our ad technology partners. Our ad technology partners use different methods to collect this type of data, including cookies and web beacons (pixel tags or clear gifs).


Our Use of Data
Must Have LLC may use your personal information to:

  • Provide products and services
  • Send requested product or service information
  • Send marketing communications through subscribed channels about news, products, offers and events
  • Send you emails, chats, or push notifications to otherwise respond to questions, concerns and customer support inquiries
  • Enable us to process orders for products and services from Must Have LLC websites
  • Send email confirmations, receipts and other transactional emails related to orders from Must Have LLC websites
  • Provide you with continuing access to your customer account on Must Have LLC websites, including your order history and access to digital products, event passes and subscription services
  • Administer membership records
  • Contact you (where necessary) in relation to orders
  • Maintain our own accounts and records
  • Create demographic automatic decision-making profiles for our subscribers, members, and visitors to target our email alerts, website marketing, push notifications, banners, special offers
  • Personalize your experience using automated decision-making for products, services, personalized content, and features
  • Improve the services we offer you, or the functionality of our site(s) and ensure technical functionality
  • Process your payment or prevent or detect fraud

Payment Data
Financial information that is collected is used to bill the user for products and services. We do not store credit card details nor do we share customer details with any 3rd parties in a manner that personally identifies the customer.

If you sign up for a membership, payment plan or purchase any of our paid subscription service, your credit or debit card information (such as card type and expiration date) and other financial data that we need to process your payment may be collected and stored by us and/or the payment processors with which we work. We may also collect some limited information, such as your postal code, mobile number, and details of your transaction history, all of which are necessary to provide the Service. In addition, the payment processors generally provide us with some limited information related to you, such as a unique token that enables you to make additional purchases using the information they’ve stored, and your card’s type, expiration date, and certain digits of your card number.

Legal basis for processing your personal data
Article 6 of the General Data Protection Regulation (2016/679) states that:

  • “Processing shall be lawful only if and to the extent that at least one of the following applies:
    • the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
    • processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
    • processing is necessary for compliance with a legal obligation to which the controller is subject;
    • processing is necessary in order to protect the vital interests of the data subject or of another natural person;
    • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
    • processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
  • Point (f) of the first subparagraph shall not apply to processing carried out by public authorities in the performance of their tasks.”

 
Data Retention
We keep your personal data for no longer than reasonably necessary.

Must Have LLC will retain purchase accounting records, tax, VAT and GST records for a minimum of 6 years as required by law. We will retain your information for as long as your account is active or as needed to provide you with services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Our data retention for physical product orders will not extend beyond 10 years, at which time your purchase data will be marked for permanent deletion and will no longer be accessible.

If you purchase a digital product, you will be asked to create a username and password to log into your customer account portal in order to access the product(s) purchased. Digital product purchases grant lifetime ownership and data will be retained in order to carry out our lifetime guarantee. If your digital product is not accessed within a 6-year period at any point in time, your account will be deemed inactive All inactive data will not be retained beyond 10 years at which time the data will be marked for permanent deletion.

When you register to receive emails from Must Have LLC, your personal data is stored so that we can continue to send you relevant emails. You may request removal at any time at https://www.hayhouse.com/newsletter/manage/ or by contacting us.

Must Have LLC retains non-personally identified data, including encrypted, anonymized and pseudonymized data for 10 years.

 

Third Party Websites and Services
Must Have LLC may, from time to time, employ the services of other parties for dealing with certain processes necessary for the operation of the website(s). The data used by such parties is used only to the extent required by them to perform the services that we request. Any use for other purposes is strictly prohibited. Furthermore, any data that is processed by third parties will be processed within the terms of this privacy policy and in accordance with the Data Protection Act of 1998.

Our website(s) includes social media features such as links to our Facebook, YouTube, Instagram, SoundCloud and Twitter pages. Your interactions with these features are governed by the privacy policy of the company providing it. If authorized by you, we may also access profile and other information from services like Facebook. When you use a Must Have LLC app on a social networking site or choose to join (or "like") a Must Have LLC page on a social networking site, the social networking site may provide us with certain information about you, including but not limited to your "likes.” Please see the privacy policy for the applicable social networking site to learn more about how these sites share your personal information.

We work with third party service providers, including but not limited to Google Analytics, to help us better understand how you use the Must Have LLC websites. These third party service providers will place cookies on your computer to collect information, such as how you were referred to the Must Have LLC website, how you navigate around the Must Have LLC website, what you purchase and what traffic is driven by various marketing methods. This information will help us to better serve you and provide you with more personalized information and product offerings. We do not allow third party service providers to collect your credit card information, e-mail address or password information. These third party service providers may only use your personal information to perform services for us and may not share your personal information with anyone else, or use it for any other purpose, except on an aggregated, non-personally identifiable basis.

Must Have LLC may, from time to time, provide links to other websites. We have no control over such websites and are not responsible for the content of these websites. This privacy policy does not extend to your use of such websites. You are advised to read the privacy policy or statement of other websites prior to using them.

Must Have LLC is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to amazon.com.

 
Your Rights & Controlling Use of Your Data
You have the right to ask us not to use your personal information for direct marketing purposes. You also have the right to request a copy of the personal information that we hold about you and to have any inaccuracies rectified. Please note that, as permitted by law, we may charge a nominal fee for information requests and may require you to prove your identity. Following a request, we will use reasonable efforts to supply, correct or delete personal information about you in our files.

Please contact Customer Service to request the removal of your PII from our database or to no longer receive future communications.

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:

  • The right to request a copy of your personal data which Must Have LLC holds about you;
  • The right to request that Must Have LLC corrects any personal data if it is found to be inaccurate or out of date;
  • The right to request your personal data is erased where it is no longer necessary for Must Have LLC to retain such data;
  • The right to withdraw your consent to the processing at any time;
  • The right to request that Must Have LLC provide you with your personal data and where possible, to transmit that data directly to another data controller (where applicable);
  • The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
  • The right to object to the processing of personal data, (where applicable) only applies where processing is based on legitimate interests (or the performance of a task in the public interest/exercise of official authority); direct marketing and processing for the purposes of scientific/historical research and statistics;
  • The right to lodge a complaint with the Information Commissioners Office.

To exercise all relevant rights and for queries of complaints please contact us at https://www.suzeorman.com/contact-us and state “Request My Data Removal.”

You can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5A

Functionality of the Website(s)
To use all features and functions available on the website, you may be required to submit certain data. You may restrict your internet browser’s use of Cookies. For more information, please see the “Cookies” clause below.

Cookies
Cookies are small text files that can store information. There are two types of cookies: session cookies and persistent cookies. Session cookies expire when you close your browser, and persistent cookies stay on your computer until you delete them. Must Have LLC may use both session and persistent cookies to customize your web experience, analyze web traffic, and to improve our range of products and services. Must Have LLC uses cookies and web beacons in the delivery of display advertisements to our website visitors and to our partner website visitors on various sites across the internet. Must Have LLC has carefully chosen these cookies and has taken steps to ensure that your privacy is protected and respected at all times.

All cookies used by our website(s) are used in accordance with the current UK and EU Cookie Law and before a cookie is placed on your computer, you will be presented with a message requesting a better experience and service to you. You may, if you wish, deny consent to the placing of cookies; however certain features of our website(s) may not function fully or as intended.

To disable the Google Analytics cookie and other third party web analytics service provider cookies, you can choose to have your browser notify you when cookies are being written to your computer or accessed, or you can disable cookies. By default, most internet browsers accept cookies but this can be changed. For further details, please consult the help menu in your internet browser.

You can choose to delete cookies at any time however, you may lose any information that enables you to access our website(s) more quickly and efficiently including, but not limited to, personalization settings.

Security
Data security is of great important to Must Have LLC and to protect your data, we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure data collected via this website.

If you create an account with password access, you are responsible for keeping your password confidential. It is recommended your password use both upper-case and lower-case letters, inclusion of one or more numerical digits, and inclusion of special characters following general password strength recommendations across the internet.

It is recommended that you ensure that your internet browser is up to date and that you consult the help and guidance provided by the developer of your internet browser if you are unsure about adjusting your privacy settings.

Must Have LLC strives to do our best to protect your personal data. However, transmission of information over the internet is done at your own risk. We cannot ensure the security of your data transmitted to our website(s

General
If any court or competent authority finds that any provision of this privacy policy (or part of any provision) is invalid, illegal, or unenforceable, that provision or part-provision will, to the extent required, be deleted, and the validity and enforceability of the other provisions of this privacy policy will not be affected. Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.

Must Have LLC. is providing self-help services at your specific direction. We are not a law firm or a substitute for an attorney or law firm. We cannot provide any kind of advice, explanation, opinion, or recommendation about possible legal rights, remedies, defenses, options, selection of forms or strategies.

Must Have LLC, all rights reserved. 
Terms of Use

MUST HAVE™ Documents